“Apple confirmed to The New York Times Wednesday it was going to introduce a new security feature, first reported by Motherboard. USB Restricted Mode, as the new feature is called, essentially turns the iPhone’s lightning cable port into a charge-only interface if someone hasn’t unlocked the device with its passcode within the last hour, meaning phone forensic tools shouldn’t be able to unlock phones,” Joseph Cox and Lorenzo Franceschi-Bicchierai report for Motherboard.

“Naturally, this feature has sent waves throughout the mobile phone forensics and law enforcement communities, as accessing iPhones may now be substantially harder, with investigators having to rush a seized phone to an unlocking device as quickly as possible. That includes GrayKey, a relatively new and increasingly popular iPhone cracking tool,” Cox and Franceschi-Bicchierai report. “But forensics experts suggest that Grayshift, the company behind the tech, is not giving up yet.”

“‘Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on,’ a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff,” Cox and Franceschi-Bicchierai report. “Ryan Duff, a security researcher who has studied iPhone and is Director of Cyber Solutions at Point3 Security, told Motherboard that USB Restricted Mode is a pretty solid solution, referring to USB Restricted Mode.”

MacDailyNews Take: Sounds like marketing bluff on the part of Grayshift to us. After all, who’s going to buy boxes from you when they’ll be far less effective in a few months? You can’t brute force if you can’t try a high number of combinations quickly.

Regardless, be sure to use long, alphanumeric passwords and, even if there is a GrayKey box on every corner, your data will remain secure.

Use at least seven characters – even longer is better – and mix numbers, letters, and symbols.

Making and selling the devices isn’t illegal, unless you could argue they’re burglary tools. Even then, the company claims that they exclusively sell the devices to law enforcement agencies that pledge to use them only in a lawful fashion.

The agencies are only breaking the law if they don’t have a warrant (and don’t have one of the narrow exceptions allowing lawful reasonable searches without one). Since any evidence they collect illegally can’t be used in court, or even to obtain other admissible evidence, using the devices illegally would be a waste of time and money… for a law enforcement agency. Good old fashioned criminals are another story, of course.

It’s worth remembering that Apple hired Jonathan Zdziarski, who was one of the world’s best security and forensics experts for mobile phones. He has a very detailed knowledge of how law enforcement people try to access iPhones and is now working for Apple, hardening iPhones against the sort of exploits that he and others employed.

It’s a little too soon to expect much of his expertise to have reached the iPhones in our pockets, but I’m sure that his contribution will make our devices considerably more secure in the future.

Nonsense. There’s obviously more to apples approach than just “locking out the USB port after an hour”, I’d imagine here’s a biometric component to it as well along with Secure Enclave authentication… doubt they’ll be able to brute force anything running iOS 12 with a biometric sensor ( Face ID / Touch ID ). Total BS.